linux/security
Dmitry Kasatkin 15647eb398 evm: digital signature verification support
This patch adds support for digital signature verification to EVM.
With this feature file metadata can be protected using digital
signature instead of an HMAC. When building an image,
which has to be flashed to different devices, an HMAC cannot
be used to sign file metadata, because the HMAC key should be
different on every device.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
2011-11-09 16:51:14 +02:00
..
apparmor apparmor: sparse fix: include procattr.h in procattr.c 2011-09-09 16:56:29 -07:00
integrity evm: digital signature verification support 2011-11-09 16:51:14 +02:00
keys security: follow rename pack_hex_byte() to hex_byte_pack() 2011-10-31 17:30:56 -07:00
selinux selinux: Add export.h to files using EXPORT_SYMBOL/THIS_MODULE 2011-10-31 19:31:32 -04:00
smack Smack: allow to access /smack/access as normal user 2011-10-20 16:07:31 -07:00
tomoyo Merge branch 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-security 2011-11-02 17:01:01 -07:00
capability.c ->permission() sanitizing: don't pass flags to ->inode_permission() 2011-07-20 01:43:26 -04:00
commoncap.c capabilities: initialize has_cap 2011-08-16 09:20:45 +10:00
device_cgroup.c security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu() 2011-07-20 11:05:30 -07:00
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
Kconfig encrypted-keys: remove trusted-keys dependency 2011-09-14 15:23:49 -04:00
lsm_audit.c LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH 2011-04-25 18:14:07 -04:00
Makefile integrity: move ima inode integrity data management 2011-07-18 12:29:38 -04:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-security 2011-10-25 09:45:31 +02:00